rc6.c
Go to the documentation of this file.
1 /**
2  * @file rc6.c
3  * @brief RC6-32/20 block cipher
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2010-2025 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneCRYPTO Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @section Description
28  *
29  * RC6 is a symmetric key block cipher derived from RC5
30  *
31  * @author Oryx Embedded SARL (www.oryx-embedded.com)
32  * @version 2.5.0
33  **/
34 
35 //Switch to the appropriate trace level
36 #define TRACE_LEVEL CRYPTO_TRACE_LEVEL
37 
38 //Dependencies
39 #include "core/crypto.h"
40 #include "cipher/rc6.h"
41 
42 //Check crypto library configuration
43 #if (RC6_SUPPORT == ENABLED)
44 
45 //RC6 magic constants
46 #define P32 0xB7E15163
47 #define Q32 0x9E3779B9
48 
49 //Common interface for encryption algorithms
50 const CipherAlgo rc6CipherAlgo =
51 {
52  "RC6",
53  sizeof(Rc6Context),
54  CIPHER_ALGO_TYPE_BLOCK,
55  RC6_BLOCK_SIZE,
56  (CipherAlgoInit) rc6Init,
57  NULL,
58  NULL,
59  (CipherAlgoEncryptBlock) rc6EncryptBlock,
60  (CipherAlgoDecryptBlock) rc6DecryptBlock,
61  (CipherAlgoDeinit) rc6Deinit
62 };
63 
64 
65 /**
66  * @brief Initialize a RC6 context using the supplied key
67  * @param[in] context Pointer to the RC6 context to initialize
68  * @param[in] key Pointer to the key
69  * @param[in] keyLen Length of the key
70  * @return Error code
71  **/
72 
73 error_t rc6Init(Rc6Context *context, const uint8_t *key, size_t keyLen)
74 {
75  uint_t c;
76  uint_t i;
77  uint_t j;
78  uint_t s;
79  uint_t v;
80  uint32_t a;
81  uint32_t b;
82  uint8_t buffer[RC6_MAX_KEY_SIZE];
83 
84  //Check parameters
85  if(context == NULL || key == NULL)
86  return ERROR_INVALID_PARAMETER;
87 
88  //Invalid key length?
89  if(keyLen > RC6_MAX_KEY_SIZE)
90  return ERROR_INVALID_KEY_LENGTH;
91 
92  //The key is padded with high-order zero bytes if necessary
93  osMemset(buffer, 0, RC6_MAX_KEY_SIZE);
94  osMemcpy(buffer, key, keyLen);
95 
96  //The key bytes are then loaded in little-endian fashion into an array of
97  //words
98  for(i = 0; i < (RC6_MAX_KEY_SIZE / 4); i++)
99  {
100  context->l[i] = LOAD32LE(buffer + i * 4);
101  }
102 
103  //Calculate the length of the key in words
104  c = (keyLen > 0) ? (keyLen + 3) / 4 : 1;
105 
106  //Initialize the first element of S
107  context->s[0] = P32;
108 
109  //Initialize array S to a particular fixed pseudo random bit pattern
110  for(i = 1; i < (2 * RC6_NB_ROUNDS + 4); i++)
111  {
112  context->s[i] = context->s[i - 1] + Q32;
113  }
114 
115  //Initialize variables
116  i = 0;
117  j = 0;
118  a = 0;
119  b = 0;
120 
121  //Number of iterations
122  v = 3 * MAX(c, 2 * RC6_NB_ROUNDS + 4);
123 
124  //Key expansion
125  for(s = 0; s < v; s++)
126  {
127  context->s[i] += a + b;
128  context->s[i] = ROL32(context->s[i], 3);
129  a = context->s[i];
130 
131  context->l[j] += a + b;
132  context->l[j] = ROL32(context->l[j], (a + b) % 32);
133  b = context->l[j];
134 
135  if(++i >= (2 * RC6_NB_ROUNDS + 4))
136  {
137  i = 0;
138  }
139 
140  if(++j >= c)
141  {
142  j = 0;
143  }
144  }
145 
146  //Successful initialization
147  return NO_ERROR;
148 }
149 
150 
151 /**
152  * @brief Encrypt a 16-byte block using RC6 algorithm
153  * @param[in] context Pointer to the RC6 context
154  * @param[in] input Plaintext block to encrypt
155  * @param[out] output Ciphertext block resulting from encryption
156  **/
157 
158 void rc6EncryptBlock(Rc6Context *context, const uint8_t *input,
159  uint8_t *output)
160 {
161  uint_t i;
162  uint32_t t;
163  uint32_t u;
164 
165  //Load the 4 working registers with the plaintext
166  uint32_t a = LOAD32LE(input);
167  uint32_t b = LOAD32LE(input + 4);
168  uint32_t c = LOAD32LE(input + 8);
169  uint32_t d = LOAD32LE(input + 12);
170 
171  //First, update B and D
172  b += context->s[0];
173  d += context->s[1];
174 
175  //Apply 20 rounds
176  for(i = 1; i <= RC6_NB_ROUNDS; i++)
177  {
178  t = (b * (2 * b + 1));
179  t = ROL32(t, 5);
180 
181  u = (d * (2 * d + 1));
182  u = ROL32(u, 5);
183 
184  a ^= t;
185  a = ROL32(a, u % 32) + context->s[2 * i];
186 
187  c ^= u;
188  c = ROL32(c, t % 32) + context->s[2 * i + 1];
189 
190  t = a;
191  a = b;
192  b = c;
193  c = d;
194  d = t;
195  }
196 
197  //Update A and C
198  a += context->s[2 * RC6_NB_ROUNDS + 2];
199  c += context->s[2 * RC6_NB_ROUNDS + 3];
200 
201  //The resulting value is the ciphertext
202  STORE32LE(a, output);
203  STORE32LE(b, output + 4);
204  STORE32LE(c, output + 8);
205  STORE32LE(d, output + 12);
206 }
207 
208 
209 /**
210  * @brief Decrypt a 16-byte block using RC6 algorithm
211  * @param[in] context Pointer to the RC6 context
212  * @param[in] input Ciphertext block to decrypt
213  * @param[out] output Plaintext block resulting from decryption
214  **/
215 
216 void rc6DecryptBlock(Rc6Context *context, const uint8_t *input,
217  uint8_t *output)
218 {
219  uint_t i;
220  uint32_t t;
221  uint32_t u;
222 
223  //Load the 4 working registers with the ciphertext
224  uint32_t a = LOAD32LE(input);
225  uint32_t b = LOAD32LE(input + 4);
226  uint32_t c = LOAD32LE(input + 8);
227  uint32_t d = LOAD32LE(input + 12);
228 
229  //First, update C and A
230  c -= context->s[2 * RC6_NB_ROUNDS + 3];
231  a -= context->s[2 * RC6_NB_ROUNDS + 2];
232 
233  //Apply 20 rounds
234  for(i = RC6_NB_ROUNDS; i > 0; i--)
235  {
236  t = d;
237  d = c;
238  c = b;
239  b = a;
240  a = t;
241 
242  u = (d * (2 * d + 1));
243  u = ROL32(u, 5);
244 
245  t = (b * (2 * b + 1));
246  t = ROL32(t, 5);
247 
248  c -= context->s[2 * i + 1];
249  c = ROR32(c, t % 32) ^ u;
250 
251  a -= context->s[2 * i];
252  a = ROR32(a, u % 32) ^ t;
253  }
254 
255  //Update D and B
256  d -= context->s[1];
257  b -= context->s[0];
258 
259  //The resulting value is the plaintext
260  STORE32LE(a, output);
261  STORE32LE(b, output + 4);
262  STORE32LE(c, output + 8);
263  STORE32LE(d, output + 12);
264 }
265 
266 
267 /**
268  * @brief Release RC6 context
269  * @param[in] context Pointer to the RC6 context
270  **/
271 
272 void rc6Deinit(Rc6Context *context)
273 {
274  //Clear RC6 context
275  osMemset(context, 0, sizeof(Rc6Context));
276 }
277 
278 #endif
RC6_BLOCK_SIZE
#define RC6_BLOCK_SIZE
Definition: rc6.h:38
b
uint8_t b
Definition: nbns_common.h:104
ROR32
#define ROR32(a, n)
Definition: crypto.h:838
a
uint8_t a
Definition: ndp.h:411
CipherAlgoEncryptBlock
void(* CipherAlgoEncryptBlock)(void *context, const uint8_t *input, uint8_t *output)
Definition: crypto.h:1045
rc6.h
RC6-32/20 block cipher.
CIPHER_ALGO_TYPE_BLOCK
@ CIPHER_ALGO_TYPE_BLOCK
Definition: crypto.h:988
t
uint8_t t
Definition: lldp_ext_med.h:212
STORE32LE
#define STORE32LE(a, p)
Definition: cpu_endian.h:279
rc6Deinit
void rc6Deinit(Rc6Context *context)
Release RC6 context.
Definition: rc6.c:272
RC6_MAX_KEY_SIZE
#define RC6_MAX_KEY_SIZE
Definition: rc6.h:40
rc6EncryptBlock
void rc6EncryptBlock(Rc6Context *context, const uint8_t *input, uint8_t *output)
Encrypt a 16-byte block using RC6 algorithm.
Definition: rc6.c:158
rc6DecryptBlock
void rc6DecryptBlock(Rc6Context *context, const uint8_t *input, uint8_t *output)
Decrypt a 16-byte block using RC6 algorithm.
Definition: rc6.c:216
Rc6Context
RC6 algorithm context.
Definition: rc6.h:58
ERROR_INVALID_PARAMETER
@ ERROR_INVALID_PARAMETER
Invalid parameter.
Definition: error.h:47
osMemcpy
#define osMemcpy(dest, src, length)
Definition: os_port.h:144
error_t
error_t
Error codes.
Definition: error.h:43
rc6Init
error_t rc6Init(Rc6Context *context, const uint8_t *key, size_t keyLen)
Initialize a RC6 context using the supplied key.
Definition: rc6.c:73
CipherAlgoDecryptBlock
void(* CipherAlgoDecryptBlock)(void *context, const uint8_t *input, uint8_t *output)
Definition: crypto.h:1048
rc6CipherAlgo
const CipherAlgo rc6CipherAlgo
Definition: rc6.c:50
ERROR_INVALID_KEY_LENGTH
@ ERROR_INVALID_KEY_LENGTH
Definition: error.h:107
crypto.h
General definitions for cryptographic algorithms.
Rc6Context::l
uint32_t l[RC6_MAX_KEY_SIZE/4]
Definition: rc6.h:59
u
uint8_t u
Definition: lldp_ext_med.h:213
RC6_NB_ROUNDS
#define RC6_NB_ROUNDS
Definition: rc6.h:42
CipherAlgoInit
error_t(* CipherAlgoInit)(void *context, const uint8_t *key, size_t keyLen)
Definition: crypto.h:1036
MAX
#define MAX(a, b)
Definition: os_port.h:67
Q32
#define Q32
Definition: rc6.c:47
ROL32
#define ROL32(a, n)
Definition: crypto.h:832
Rc6Context::s
uint32_t s[2 *RC6_NB_ROUNDS+4]
Definition: rc6.h:60
CipherAlgo
Common interface for encryption algorithms.
Definition: crypto.h:1104
s
uint8_t s
Definition: igmp_common.h:234
LOAD32LE
#define LOAD32LE(p)
Definition: cpu_endian.h:203
P32
#define P32
Definition: rc6.c:46
uint_t
unsigned int uint_t
Definition: compiler_port.h:57
osMemset
#define osMemset(p, value, length)
Definition: os_port.h:138
CipherAlgoDeinit
void(* CipherAlgoDeinit)(void *context)
Definition: crypto.h:1051
NO_ERROR
@ NO_ERROR
Success.
Definition: error.h:44
c
uint8_t c
Definition: ndp.h:514